17 messages in net.nether.puck.cisco-nsp[c-nsp] eigrp question
FromSent OnAttachments
Kern, TomJan 5, 2005 12:16 pm 
Kern, TomJan 5, 2005 12:29 pm 
Kern, TomJan 5, 2005 1:00 pm 
Rodney DunnJan 5, 2005 1:34 pm 
Kern, TomJan 5, 2005 1:36 pm 
Jim McBurnettJan 5, 2005 2:14 pm 
Kern, TomJan 5, 2005 3:56 pm 
Rodney DunnJan 5, 2005 4:41 pm 
Jim McBurnettJan 5, 2005 4:50 pm 
Kern, TomJan 5, 2005 4:56 pm 
Marty AdkinsJan 5, 2005 5:19 pm 
Jim McBurnettJan 5, 2005 11:29 pm 
Gert DoeringJan 6, 2005 4:14 am 
Pekka SavolaJan 6, 2005 5:10 am 
Randy BushJan 6, 2005 8:54 am 
Gert DoeringJan 6, 2005 9:35 am 
Randy BushJan 6, 2005 9:45 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[c-nsp] eigrp questionActions...
From:Marty Adkins (adk@netcraftsmen.net)
Date:Jan 5, 2005 5:19:19 pm
List:net.nether.puck.cisco-nsp

Jim McBurnett wrote:

IE. In the PIX firewall, if I was to do this I would do it like this:

1. STATIC command to allow X IP to inside router IP 2. ACL to permit eigrp from external router only to internal router via the static command 3. configure the neighbor command on the external and internal routers to identify each other.

How would the two routers/neighbors end up on a common subnet, as required by
EIGRP?

One other thing that surprised me is this statement in an EIGRP FAQ: http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a008012dac4.shtml#ten

"Although the neighbor command is accepted by the Cisco IOS? parser, it should
not be used. The neighbor statement does not behave as intended and can have a
negative effect on EIGRP neighbors."

Rodney, care to explain further?

4. Add a loopback interface on both routers with an unused IP address to test the routing protocol. 5. Use access-list / route-maps to restrict the routes sent to and from each router. 6. once communications was up, then secure it with MD5 7. remove the loopbacks.

- Marty